Many existing Public Key certification techniques exist and all work on the same principle. A file to be certified is processed by an algorithm that also uses the private key of a public/private signature key pair, to produce a signature file, FIG. 1. The public key of the public/private key pair can then be used to verify that, given the original file, the signature file was the product of the original process, FIG. 2. It is computationally unfeasible to produce a file different to the original that, when used with the relevant algorithm, would produce the same signature file with the public key.
An example of a digital document verification system based on such techniques is disclosed in U.S. Pat. No. 5,606,609, Houser et al.
An example of an encryption based scheme for ensuring document authenticity is Cryptolopes produced by IBM Corporation. Cryptolopes comprise self-executing code which requires a user to be on-line to a 3rd party and use a specific Public Key Infrastructure. The essence of Cryptolopes is to deliver a piece of encrypted content to a specified user but only after communication with a third party to authorise it. Cryptolopes are therefore not particularly useful for real-time verification of the authenticity of documents.
In the meantime, many governments are beginning to allow digital signature files to be legally valid in courts. The shortcoming of simple digitally signed documents is that a document along with its signature file could only be considered the most basic possible application of digital signature technology. Other than verifying that the signature file is valid, a computer can have no knowledge of the contents of the document, or whether the contents are legally binding, and this is critical to where the document is a contract. As such, its use still requires the skill of a lawyer and the courts to determine its legality.